SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 0cf710e33d3e4a572dcba9763d92e65b5d9caf57.

Database Entry


SHA1 Fingerprint:0cf710e33d3e4a572dcba9763d92e65b5d9caf57
Certificate Common Name (CN):localhost
Issuer Distinguished Name (DN):localhost
TLS Version:TLSv1
First seen:2016-10-19 07:16:48 UTC
Last seen:2016-10-27 01:06:09 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2016-10-27 11:08:56
Malware samples:4
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-10-27 01:06:09daf5cdf25f3aabc9e7562a33dfc7d3e5Virustotal results 36/56 (64.29%) Gootkit 89.108.79.217:80
2016-10-27 01:06:09daf5cdf25f3aabc9e7562a33dfc7d3e5Virustotal results 36/56 (64.29%) Gootkit 89.108.79.217:80
2016-10-21 01:52:11727172aef200468346145ebc8c6a54ecVirustotal results 42/57 (73.68%) Gootkit 89.108.79.217:80
2016-10-21 01:52:11727172aef200468346145ebc8c6a54ecVirustotal results 42/57 (73.68%) Gootkit 89.108.79.217:80
2016-10-20 09:07:5561198770bc7ee462c87ae9fd038890c6Virustotal results 35/56 (62.50%) Gootkit 89.108.79.217:80
2016-10-20 09:07:5561198770bc7ee462c87ae9fd038890c6Virustotal results 35/56 (62.50%) Gootkit 89.108.79.217:80
2016-10-19 07:16:488341966ee19ccc27e1e7948301e6f7e0Virustotal results 23/57 (40.35%) Gootkit 89.108.79.217:80
2016-10-19 07:16:488341966ee19ccc27e1e7948301e6f7e0Virustotal results 23/57 (40.35%) Gootkit 89.108.79.217:80

# of entries: 8 (max: 100)